Michael Paoli
2018-11-29 08:29:58 UTC
Way to go Experian insecurity <sigh>.
Will they never learn?
Me: picks nice secure 20 character password
Them: "Password is too long."
Me: ... 19 characters ...
Them: "Password is too long."
...
16 ... too long
15 ... the damn registration thingy still fails anyway.
There's no good reason to limit password/passphrase lengths ...
especially to anything rather to quite short. After all, what should
be getting stored is
only a secure hash of such, so that will be same length regardless of
password/passphrase length.
Yeah, still, far too many sites, etc., don't properly do/handle
passwords/passphrases.
Ah well, ... at least they have toll free number, and should eventually get
back to me (they tried to fix their basic brokenness on the phone but
were unable to).
Will they never learn?
Me: picks nice secure 20 character password
Them: "Password is too long."
Me: ... 19 characters ...
Them: "Password is too long."
...
16 ... too long
15 ... the damn registration thingy still fails anyway.
There's no good reason to limit password/passphrase lengths ...
especially to anything rather to quite short. After all, what should
be getting stored is
only a secure hash of such, so that will be same length regardless of
password/passphrase length.
Yeah, still, far too many sites, etc., don't properly do/handle
passwords/passphrases.
Ah well, ... at least they have toll free number, and should eventually get
back to me (they tried to fix their basic brokenness on the phone but
were unable to).